Jim Schwar

regex is like Jenga, one wrong move and the whole effing thing comes crashing down

Regex: when you want to match some characters, but not too many characters, but also maybe some other characters, but not those characters, unless they're followed by these other characters... you know what, never mind, let's just use brute force. 🤯🤯🤯

It drives me bonkers that not all SIEMs support this and why I really like analytics platforms as the basis for threat detection/response.

Log parsing is the process of analyzing and extracting relevant information from log data. It is a critical component of security monitoring and threat detection.

The choice of parsing method depends on the specific use case, the types of data being analyzed. You need all of the above available to engineers to quickly and effectively get data in front of your analysts

SIEM technology is like that one annoying co-worker who always has something to say but never really delivers.

🧵

The billions of dollars of investment into ChatGPT and OpenAI will be worth every cent even if all I ever use it for is to solve my regex problems.

🔍 My ultimate workflow for simple and easy JavaScript Analysis ⚡️ Comprehensive JavaScript analysis in offensive security, appsec testing, and red teaming wins. Often you can find juicy hidden endpoints, parameters, & domains buried JS! A thread 🧵 1/x 👇